7818582

Single Sign-On with Common Access Card

Published: October 19, 2010
Assignee: not available in USPTO data we have
Patent Claims
25 claims

Legal claims defining the scope of protection, as filed with the USPTO.

1. A method comprising: accessing user information pertaining to a user; logging-in the user to a computer system based on the user information by verifying the user information at a verification module on a server; creating a token at the verification module, wherein the token is a unique identifier that is only valid for the user's current login session, wherein the token is stored on the verification module, and wherein the verification module maintains a list of currently valid tokens; providing the token to a presentation module, wherein the presentation module presents application information to the user for applications that the user is allowed to access and allows the user to select one of the applications that the user is allowed to access; receiving a request from the user to access a first application on the computer system, wherein the first application has a first ordinary login requirement that ordinarily requires users to login in order to access the first application, and wherein the first application comprises a first token interface; in response to receiving the request to access the first application, the presentation module providing the token to the first token interface; the first token interface verifying the token by communicating with the verification module on the server; receiving a request from the user to access a second application, the second application having a second ordinary login requirement that ordinarily requires the users to login in order to access the second application; in response to receiving the request to access the second application, the presentation module providing the token to a second token interface, wherein the presentation module comprises the second token interface, and wherein the second token interface is coupled to the second application; the second token interface verifying the token by communicating with the verification module on the server; in response to the second token interface verifying the token, a ticket module generating a ticket that allows the user to bypass the second ordinary login requirement; and providing the user access to the first and second applications.

2. The method of claim 1, further comprising: receiving a request from the user to access a third application on the computer system, wherein the third application has a third ordinary login requirement that ordinarily requires users to login in order to access the third application through an application portal, and wherein the application portal comprises a third token interface; in response to receiving the request to access the third application, the presentation module providing the token to the third token interface; the third token interface verifying the token by communicating with the verification module on the server; and providing the user access to the third application.

3. The method of claim 1, further comprising using stored user information to login the user to the first and second applications.

4. The method of claim 1, wherein accessing user information pertaining to the user comprises accessing information from a common access card.

5. The method of claim 1, further comprising providing the user a single sign-on feature for all applications that the user has rights to access on the computer system.

6. The method of claim 1, wherein the presentation module provides a common portal presentation to all users of the computer system.

7. A system comprising: a verification module configured to generate a token after authentication of a user; a presentation module configured to present application information to the user for applications that the user is allowed to access and configured to allow the user to select one of the applications that the user is allowed to access, a first application configured to receive the token and to verify the validity of the token by interfacing with the verification module, wherein the first application has a first ordinary login requirement that ordinarily requires users to login in order to access the first application, and wherein the first application comprises a first token interface configured to provide access to the user based on the verification of the token; a second token interface coupled to a second application and configured to receive the token, to verify the token by interfacing with the verification module, and to provide access to the user based on the verification of the token; wherein the second application has a second ordinary login requirement that ordinarily requires the users to login in order to access the second application, and wherein the presentation module comprises the second token interface; and wherein the second token interface is coupled to the second application; a ticket module associated with the second application and coupled to the second token interface, wherein the ticket module is further configured to generate a ticket after the second token interface verifies the token, wherein the ticket is configured to allow the user to bypass the second ordinary login requirement, and wherein the second application is configured to receive the ticket and allow access to the user based on the receipt of the ticket.

8. The system of claim 7, further comprising an application portal comprising a third token interface, the third token interface coupled to a third application and configured to receive the token and to allow the user access to the third application through the application portal based on the receipt of the token.

9. The system of claim 7, wherein the presentation module is configured to provide a common portal presentation to all users of the computer system.

10. The system of claim 7, wherein the token is a unique identifier that is only valid for the user's current login session.

11. The system of claim 7, wherein the token is stored on the verification module, and wherein the verification module maintains a list of currently valid tokens.

12. A computer program product comprising one of more computer-readable media, the media collectively having instructions that when executed on one or more machines result in at least the following: accessing user information pertaining to a user; logging-in the user to a computer system based on the user information by verifying the user information at a verification module on a server; creating a token at the verification module, wherein the token is a unique identifier that is only valid for the user's current login session, wherein the token is stored on the verification module, and wherein the verification module maintains a list of currently valid tokens; providing the token to a presentation module, wherein the presentation module presents application information to the user for applications that the user is allowed to access and allows the user to select one of the applications that the user is allowed to access; receiving a request from the user to access a first application on the computer system, wherein the first application has a first ordinary login requirement that ordinarily requires users to login in order to access the first application, and wherein the first application comprises a first token interface; in response to receiving the request to access the first application, the presentation module providing the token to the first token interface; the first token interface verifying the token by communicating with the verification module on the server; receiving a request from the user to access a second application, the second application having a second ordinary login requirement that ordinarily requires the users to login in order to access the second application; in response to receiving the request to access the second application, the presentation module providing the token to a second token interface, wherein the presentation module comprises the second token interface, and wherein the second token interface is coupled to the second application; the second token interface verifying the token by communicating with the verification module on the server; in response to the second token interface verifying the second token, a ticket module generating a ticket that allows the user to bypass the second ordinary login requirement; and providing the user access to the first and second applications.

13. The computer program product of claim 12, wherein the computer-readable media further have instructions that when executed on one or more machines result in at least the following: receiving a request from the user to access a third application on the computer system, wherein the third application has a third ordinary login requirement that ordinarily requires users to login in order to access the third application through an application portal, and wherein the application portal comprises a third token interface; in response to receiving the request to access the third application, the presentation module providing the token to the third token interface; the third token interface verifying the token by communicating with the verification module on the server; and providing the user access to the third application.

14. A method comprising: accessing user information pertaining to a user; logging-in the user to a computer system based on the user information by verifying the user information at a verification module on a server; creating a plurality of tokens at the verification module for accessing a plurality of applications and providing at least one of the tokens to a presentation module; wherein the presentation module presents application information to the user for applications that the user is allowed to access and allows the user to select one of the applications that the user is allowed to access; wherein each of the tokens is a unique identifier for allowing access to an application associated therewith; and wherein each of the applications has a token interface associated therewith for token verification, wherein the associated token interface couples the user to a selected application with a coupling that comprises one of the following: the associated token interface comprises an interface in the selected application; the associated token interface comprises an interface in the presentation module and is coupled to the selected application through a tickets module that, in response to the token verification, generates a ticket that allows the user to bypass the second ordinary login requirement; and the associated token interface is associated with an application portal coupled to the selected application; receiving a request from the user to access a first application; in response to receiving the request to access the first application, the presentation module providing a first token to a first token interface associated with the first application; the first token interface verifying the first token by communicating with the verification module on the server; receiving a request from the user to access a second application; in response to receiving the request to access the second application, the presentation module providing a second token to a second token interface having a different coupling than the first token interface; the second token interface verifying the second token by communicating with the verification module on the server; and providing the user access to the first and second applications.

15. The method of claim 14, wherein the tokens are stored on the verification module, and wherein the verification module maintains a list of currently valid tokens.

16. The method of claim 14, further comprising using stored user information to login the user to the first and second applications.

17. The method of claim 14, further comprising providing the user a single sign-on feature for all applications that the user has rights to access on the computer system.

18. The method of claim 17, wherein the presentation module provides a common portal presentation to all users of the computer system.

19. A system comprising: a verification module configured to generate a plurality of tokens for accessing a plurality of applications after authentication of a user, wherein each of the tokens is a unique identifier for allowing access to an application associated therewith, a presentation module configured to present application information to the user for applications that the user is allowed to access and configured to allow the user to select one of the applications that the user is allowed to access, and a plurality of token interfaces associated with the plurality of applications for verifying the plurality of tokens, wherein each of the token interfaces is configured to couple the user to an associated application with a coupling that comprises one of the following: the associated token interface comprises an interface in the associated application; the associated token interface comprises an interface in the presentation module and is coupled to the associated application through a tickets module that, in response to token verification, generates a ticket that allows the user to bypass the second ordinary login requirement; and the associated token interface is associated with an application portal coupled to the associated application; and a first token interface associated with a first application configured to receive a token and to verify the validity of the token by interfacing with the verification module; and a second token interface associated with a second application and configured to receive the token, to verify the token by interfacing with the verification module, and to provide access to the user based on the verification of the token, the second token interface having a different coupling than the first token interface.

20. The system of claim 19, wherein the verification module is further configured to store the tokens and to maintain a list of currently valid tokens.

21. The system of claim 19, wherein the presentation module is further configured to provide a common portal presentation to the user.

22. A computer program product comprising one of more computer-readable media, the media collectively having instructions that when executed on one or more machines result in at least the following: accessing user information pertaining to a user; logging-in the user to a computer system based on the user information by verifying the user information at a verification module on a server; creating a plurality of tokens at the verification module for accessing a plurality of applications and providing at least one of the tokens to a presentation module; wherein the presentation module presents application information to the user for applications that the user is allowed to access and allows the user to select one of the applications that the user is allowed to access; wherein each of the tokens is a unique identifier for allowing access to an application associated therewith; and wherein each of the applications has a token interface associated therewith for token verification, wherein the associated token interface couples the user to a selected application with a coupling that comprises one of the following: the associated token interface comprises an interface in the selected application; the associated token interface comprises an interface in the presentation module and is coupled to the selected application through a tickets module that, in response to the token verification, generates a ticket that allows the user to bypass the second ordinary login requirement; and the associated token interface is associated with an application portal coupled to the selected application; receiving a request from the user to access a first application; in response to receiving the request to access the first application, the presentation module providing a first token to a first token interface associated with the first application; the first token interface verifying the first token by communicating with the verification module on the server; receiving a request from the user to access a second application; in response to receiving the request to access the second application, the presentation module providing a second token to a second token interface having a different coupling than the first token interface; the second token interface verifying the second token by communicating with the verification module on the server; and providing the user access to the first and second applications.

23. The computer program product of claim 22, further comprising instructions that when executed on one or more machines result in storing the tokens on the verification module, wherein the verification module maintains a list of currently valid tokens.

24. The computer program product of claim 22, further comprising instructions that when executed on one or more machines result in the presentation module providing the user a single sign-on feature for all applications that the user has rights to access on the computer system.

25. The computer program product of claim 22, further comprising instructions that when executed on one or more machines result in the presentation module providing a common portal presentation to all users of the computer system.
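
The token lifecycle recited in claims 1 and 7 (a session-bound token held in the verification module's list of valid tokens, checked by an in-application token interface and exchanged by a ticket module), sketched as an added example that is not part of the patent or of this page's source. The class names, the enrolled-user set standing in for Common Access Card verification, and the single-use ticket are assumptions.

```python
import secrets

class VerificationModule:
    """Server-side issuer that keeps the list of currently valid tokens."""
    def __init__(self, enrolled):
        self._enrolled = set(enrolled)   # assumption: stands in for CAC checks
        self._valid = {}                 # token -> user, live sessions only

    def login(self, user_id):
        if user_id not in self._enrolled:
            raise PermissionError("user information failed verification")
        token = secrets.token_urlsafe(32)  # unguessable and unique per session
        self._valid[token] = user_id
        return token

    def verify(self, token):
        return self._valid.get(token)    # None once the session has ended

    def logout(self, token):
        self._valid.pop(token, None)     # token is removed with the session

class InAppTokenInterface:
    """First coupling: the application verifies the token itself."""
    def __init__(self, verifier):
        self._verifier = verifier
    def open(self, token):
        user = self._verifier.verify(token)
        return f"app1 session for {user}" if user else None

class TicketModule:
    """Second coupling: a verified token is exchanged for a login ticket."""
    def __init__(self, verifier):
        self._verifier, self._tickets = verifier, {}
    def issue(self, token):
        user = self._verifier.verify(token)
        if user is None:
            return None                  # no ticket without a live token
        ticket = secrets.token_urlsafe(32)
        self._tickets[ticket] = user
        return ticket

    def redeem(self, ticket):
        # Single use is an assumption of this sketch, not recited in the claims.
        return self._tickets.pop(ticket, None)

def demo():
    vm = VerificationModule({"cac-user-0001"})   # constructed identifier
    app1, tickets = InAppTokenInterface(vm), TicketModule(vm)
    token = vm.login("cac-user-0001")
    live = app1.open(token)
    ticket = tickets.issue(token)
    redeemed, replayed = tickets.redeem(ticket), tickets.redeem(ticket)
    vm.logout(token)
    return live, redeemed, replayed, app1.open(token), tickets.issue(token)
```

Because every token interface asks the verification module rather than validating the token locally, ending the session invalidates access through both couplings at once.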

Patent Metadata

Filing Date

Unknown

Publication Date

October 19, 2010

Inventors

Donald E. Marion
Andrew W. Jewell

Citation & reuse

Analysis on this page is generated by Patentable — an AI-powered patent intelligence platform. AI-generated summaries, explanations, and analysis may be reused with attribution and a visible link back to the canonical URL below. Patent abstracts and claims are USPTO public domain.

Cite as: Patentable. “SINGLE SIGN-ON WITH COMMON ACCESS CARD” (7818582). https://patentable.app/patents/7818582